Hi,
Thanks for fixing this. Would it be possible to also fix this bug in a
9.8.4 upload directed for Wheezy? Maybe using testing-proposed-updates?
A patch for this against version 1:9.8.4.dfsg.P1-2 is attached.
Regards,
Rik
On 01/10/2013 01:36 AM, Debian Bug Tracking System wrote:
This is an automatic notification regarding your Bug report
which was filed against the bind9 package:
#697681: bind9: DNSSEC validating resolver spams log file after upgrade to 9.8.4
It has been closed by LaMont Jones <lam...@debian.org>.
--
Rik Theys
System Engineer
KU Leuven - Dept. Elektrotechniek (ESAT)
Kasteelpark Arenberg 10 bus 2440 - B-3001 Leuven-Heverlee
+32(0)16/32.11.07
----------------------------------------------------------------
<<Any errors in spelling, tact or fact are transmission errors>>
diff -ur bind9-9.8.4.dfsg.P1.orig/lib/dns/dnssec.c bind9-9.8.4.dfsg.P1/lib/dns/dnssec.c
--- bind9-9.8.4.dfsg.P1.orig/lib/dns/dnssec.c 2012-10-26 06:52:55.000000000 +0200
+++ bind9-9.8.4.dfsg.P1/lib/dns/dnssec.c 2013-01-08 14:29:19.980398778 +0100
@@ -552,7 +552,7 @@
char namebuf[DNS_NAME_FORMATSIZE];
dns_name_format(&sig.signer, namebuf, sizeof(namebuf));
isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
- DNS_LOGMODULE_DNSSEC, ISC_LOG_INFO,
+ DNS_LOGMODULE_DNSSEC, ISC_LOG_DEBUG(1),
"sucessfully validated after lower casing "
"signer '%s'", namebuf);
inc_stat(dns_dnssecstats_downcase);
diff -ur bind9-9.8.4.dfsg.P1.orig/lib/dns/opensslrsa_link.c bind9-9.8.4.dfsg.P1/lib/dns/opensslrsa_link.c
--- bind9-9.8.4.dfsg.P1.orig/lib/dns/opensslrsa_link.c 2012-10-26 06:52:55.000000000 +0200
+++ bind9-9.8.4.dfsg.P1/lib/dns/opensslrsa_link.c 2013-01-08 14:26:58.996397527 +0100
@@ -633,8 +633,7 @@
#endif
#endif
if (status != 1)
- return (dst__openssl_toresult2("RSA_verify",
- DST_R_VERIFYFAILURE));
+ return (dst__openssl_toresult(DST_R_VERIFYFAILURE));
return (ISC_R_SUCCESS);
}
